prefixset

A prefixset is a collection of IP prefixes, typically expressed in CIDR notation, used to classify addresses or routes in networking and security policies. It serves as a single object that can be consulted to determine whether a given IP address or route falls within any of the prefixes it contains. Prefixsets are commonly employed to implement allow/deny decisions, route filters, access control lists, and policy-based routing.

A prefixset can be implemented in multiple ways depending on the environment and performance requirements. Software

Core operations on a prefixset include adding or removing prefixes, checking whether an address or another

Common applications include firewall rules, router policy filtering, and cloud networking where centralized prefix abstractions simplify

See also: prefix-list, access-control list, CIDR, longest-prefix match, routing policy.